We can no longer imagine life today without electronic signatures. This is the procedure that is recognized world-wide and that was established by relevant laws in Europe in order to build trust in electronic documents in the electronic world. They are used to protect electronic documents from unseen manipulation.
In the EU and beyond, electronic signatures of specific quality classes have become the equivalent of the handwritten signature in the electronic world, often with all of the associated legal consequences. Electronic documents that carry signatures are also increasingly exchanged across national borders. This raises the question of what prerequisites must be in place for the sender and recipient of electronically signed documents so that a cross-border exchange can be handled correctly and legal certainty can be relied upon.
PDF documents with embedded signatures constitute a large part of today’s electronically signed documents. There are above all practical reasons for this: many existing signature exchange formats require separate software products for checking the signature, whereas PDF documents only require a PDF viewer, which already exists on most target computers. In this context, PDF/A documents are gaining importance, and they have a decisive advantage: they are self-sufficient documents that do not depend on external resources. Besides files, e-mail messages can also be signed. E-mail signatures are not discussed further here; e-mail is considered only as a transport medium.
In this presentation, I first want to present the attributes and functions of the electronic signature and the forms in which electronic signatures may occur, and then describe the general legal requirements in the EU, using Germany and Austria as examples. The example of electronic invoicing illustrates the practical use of electronic signatures, since most electronic signatures are currently created for this process, but it also presents differing demands. This wealth of experience offers the prospect of helping the sometimes rough path of cross-border signing gain more momentum.
What are electronic signatures and why do we need them?
The attributes, creation and checks of a signature
The aim of the electronic signature is to identify the signatory of an electronic document (authenticity) and to ensure that the electronic document cannot be changed (integrity). To simplify things, I now want to demonstrate to you the process of creating and checking an electronic signature.
An asymmetrical cryptographic technique is used as the basis of an electronic signature. This is based on a pair of keys, consisting of a private key and a public key. A signatory possesses the private key and the public key can be accessed by anyone.
If something is encrypted with one key, it can only be decrypted again using the other key. However, for performance reasons, the private key is not used to encrypt the entire document; an intermediate step is used instead. Before the actual asymmetric operation, a hash function is used to compute a check value of fixed length (hash value) from the signature object. The hash function has the property that the same document always yields the same hash value, whereas changing even a single bit of the file changes the hash value completely. This is what ensures the integrity of the electronic document.
The hash functions used must be collision-resistant. This means that it must not be feasible to change a document without changing its hash value, nor to find two files that have the same hash value.
After it has been computed, the hash value is encrypted using the private key, which is owned by the signatory. The hash value encrypted in this way is the signature. Together with the public key, the signature is the basis for checking the authenticity of the message, i.e. for assigning it to a specific signatory. What has not yet been mentioned is how the public key is bound to that signatory; this is the purpose of the certificate.
The certificate binds the unique identity to the public key, and it contains the public key itself. A certificate corresponds to an electronic identity document: it contains details about the certificate holder, the issuer, the validity period, online checking options and its legal status (for example, qualified certificate). It is itself signed in order to protect its own integrity.
A signed file therefore usually consists of three component parts. These are the original file, the signature and the certificate. These component parts can be saved in different ways, which may result in different signature exchange formats. We will go into more detail about this topic at a later point.
We will now look at the reverse process. How do you check an electronically signed file? Three steps are required, and they are described in simplified form below. All of them must be performed by the signature-checking software without any human interaction.
Steps for a signature check:
- Checking the signature of the file (file integrity)
- Checking the certificate path
- Checking the validity of the certificate at the time of the signature
The check of the signature of the signature object provides information about the integrity of the file. For the file signature check, the signatory’s public key is extracted from the certificate. This key is used to decrypt the signature. At the same time, the same cryptographic algorithms that were used to create the signed hash value are used to create a new hash value using the signature object. If both hash values (the newly-created hash value and the decrypted hash value) exist, the system compares the two values. If both values are the same, the file has not been changed. If the values are not the same, a change occurred but the specific change cannot actually be identified.
The certificate reveals the identity of the person, organization, unit and so on that last signed the file. Against this background, the certificate itself is particularly worthy of protection: it is protected against unseen manipulation by a signature that is created by the issuer of the certificate. In step 2, the integrity of the certificate must therefore be checked, using the same principle as in step 1. This continues along the certificate chain, which ends at the root certificate. The root certificate is self-signed, so its signature must be checked using its own public key. In addition, the validity periods of the certificates are taken into account: a signature is only valid if it was created within the validity period specified in the certificate. Not only the signature certificate but also the superordinate intermediate and root certificates are considered in this way. Since there are two competing validity models for certificates, these must also be taken into account. For German and Austrian qualified certificates, you must use the validity model that corresponds to the SigG profile; for all other certificates, only the validity model that corresponds to the PKIX profile is an option.
In step 3, one must confirm online with the certificate issuer the authenticity and current status of the certificate on which the signed document is based. This can be compared with checking the validity of a credit card. The protocol used is OCSP (Online Certificate Status Protocol). The requesting party receives one of three responses: good, unknown or revoked. In the last case, the time of revocation is also specified. The response message is in turn signed so that it too can be checked for authenticity and integrity. If the response is “revoked”, the signature software must check whether the time of the signature was before or after the time of the revocation; the validity of the signature depends on the result.
As an alternative to the OCSP request, a certificate revocation list (CRL) can also be used to check the validity of the certificate. However, this is not recommended, since a certificate revocation list
- is issued at regular intervals and is therefore not current between two publications,
- lists only revoked certificates, so it gives no information about unknown certificates (a certificate could, for example, be checked against the wrong revocation list without this being noticed), and
- can easily grow to several megabytes.
The described steps of a signature check must ideally be logged in the form of a check document so that the user can trace them afterwards if required.
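The creation steps and the three-step check described above, as an added example that is not part of the original presentation: textbook RSA over a SHA-256 digest, a minimal certificate chain ending at a self-signed root, both validity models (shell for the PKIX profile, chain for the SigG profile), and an OCSP-like status answer with the "revoked before or after signing" rule. Assumptions: fixed Mersenne primes stand in for randomly generated keys, no PKCS#1 padding is applied, times are abstract integers, and the chain model takes a certificate's not_before as its issuance time. The `check_signature` function returns the step-by-step results that a check document would log.

```python
import hashlib
from dataclasses import dataclass

# Textbook RSA over a SHA-256 digest. Assumption: fixed Mersenne primes stand in
# for random 2048-bit primes and no PKCS#1 padding is applied; real products pad.
MERSENNE = [2**k - 1 for k in (127, 521, 607, 1279, 2203, 2281)]

def make_keypair(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)                      # (public key, private key)

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def rsa_sign(data, priv):
    n, d = priv
    return pow(digest(data), d, n)             # hash, then "encrypt" with the private key

def rsa_verify(data, sig, pub):
    n, e = pub
    return pow(sig, e, n) == digest(data)      # "decrypt" with the public key and compare

@dataclass
class Cert:
    subject: str
    issuer: str
    pub: tuple
    not_before: int          # validity period in abstract time units (constructed)
    not_after: int
    sig: int = 0             # issuer's signature over the to-be-signed fields

    def tbs(self):
        return repr((self.subject, self.issuer, self.pub,
                     self.not_before, self.not_after)).encode()

ISSUED = set()                               # subjects the constructed CA knows about
REVOKED = {"signer@example.invalid": 170}    # constructed: subject -> revocation time

def issue(subject, pub, not_before, not_after, issuer_cert, issuer_priv):
    """Issue a certificate; issuer_cert=None yields a self-signed root."""
    issuer = issuer_cert.subject if issuer_cert else subject
    cert = Cert(subject, issuer, pub, not_before, not_after)
    cert.sig = rsa_sign(cert.tbs(), issuer_priv)   # protects the certificate's integrity
    ISSUED.add(subject)
    return cert

def ocsp_status(subject):
    """Models the three OCSP answers: good, revoked (with time) or unknown."""
    if subject in REVOKED:
        return "revoked", REVOKED[subject]
    if subject in ISSUED:
        return "good", None
    return "unknown", None

def verify_chain(chain, signing_time, model="shell"):
    """chain[0] is the signer certificate, chain[-1] the self-signed root.
    'shell' (PKIX profile): every certificate must be valid at the signing time.
    'chain' (SigG profile): each issuer must have been valid when it issued the
    certificate below it (assumption: issuance time = that certificate's not_before)."""
    t = signing_time
    for i, cert in enumerate(chain):
        issuer = chain[i + 1] if i + 1 < len(chain) else cert   # root checks itself
        if cert.issuer != issuer.subject:
            return False
        if not rsa_verify(cert.tbs(), cert.sig, issuer.pub):     # certificate integrity
            return False
        if not cert.not_before <= t <= cert.not_after:
            return False
        if model == "chain":
            t = cert.not_before
    return True

def check_signature(data, sig, chain, signing_time, model="shell"):
    """The three-step check; the returned dict is what a check document would log."""
    log = {"integrity": rsa_verify(data, sig, chain[0].pub),
           "chain": verify_chain(chain, signing_time, model)}
    status, revoked_at = ocsp_status(chain[0].subject)
    log["status"] = status
    log["certificate_ok"] = status == "good" or (
        status == "revoked" and signing_time < revoked_at)
    log["valid"] = log["integrity"] and log["chain"] and log["certificate_ok"]
    return log

# Constructed PKI: root (0..1000) -> issuing CA (50..150) -> signer (100..200)
root_pub, root_priv = make_keypair(MERSENNE[0], MERSENNE[1])
ca_pub, ca_priv = make_keypair(MERSENNE[2], MERSENNE[3])
signer_pub, signer_priv = make_keypair(MERSENNE[4], MERSENNE[5])
ROOT = issue("Root CA", root_pub, 0, 1000, None, root_priv)
CA = issue("Issuing CA", ca_pub, 50, 150, ROOT, root_priv)
SIGNER = issue("signer@example.invalid", signer_pub, 100, 200, CA, ca_priv)
CHAIN = [SIGNER, CA, ROOT]

INVOICE = b"Invoice 4711: 100.00 EUR"       # constructed sample document
SIGNATURE = rsa_sign(INVOICE, signer_priv)

if __name__ == "__main__":
    print(check_signature(INVOICE, SIGNATURE, CHAIN, signing_time=120))
    print(check_signature(INVOICE + b" ", SIGNATURE, CHAIN, signing_time=120))
    print(check_signature(INVOICE, SIGNATURE, CHAIN, signing_time=160, model="chain"))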
Signature exchange formats
As already described, a signed file consists of three component parts: the signature object (original file), the signature and the certificate. These parts can be stored in one file (enveloped signature) or in two files (detached signature). In the latter case, the signature and the certificate form a separate file alongside the signature object and are referenced using the file name.
Current signature exchange formats are the Cryptographic Message Syntax (CMS) format, the XML signature formats XMLDSig and XAdES that were standardized by the World Wide Web Consortium (W3C), and the internal PDF signature format defined in the Adobe PDF Reference version 1.6, referred to below simply as the internal PDF signature. In addition, there are special signature exchange formats, for example for Electronic Data Interchange (EDI), that are based on the CMS standard. The CMS format and the XML signature formats support both the enveloped and the detached variant. Almost none of these standards can be converted into one another, since the details of how the data is processed for signing differ from standard to standard. Both the CMS format and the XML signature formats require special software for checking signatures so that the recipient can verify the signature of a file signed in this way.
PDF documents may be signed in the CMS format, in the detached variant (adjacent signature file) of both XML signature formats, or with the internal PDF signature. Given that software products for checking signatures are not yet very widespread, it is recommended to use the internal PDF signature, because products such as Adobe Reader then notify the user that the document is signed. In any case, this supports the acceptance of signed documents, because these days you can generally assume that an infrastructure that interprets PDF is present. For a detailed signature analysis, specifically designed products can then be used.
The PDF specification itself offers several variants of the internal PDF signature: the signature can cover either an extract of the document or the entire document. For this reason, and because a PDF document may also depend on other changeable resources (for example, fonts), there was for a long time strong resistance to using the PDF format with the internal signature (for example, in Germany). Eventually, special PDF viewers (secure viewers) were demanded and developed that display a defined class of PDF documents without any room for interpretation.
With the PDF/A standard, the user first of all has the guarantee that the document neither references external resources nor can be rendered in different ways. A PDF/A document is a completely self-sufficient document that can be viewed reliably across versions. This is very good for PDF documents with sensitive contents that are archived over a long period. For this reason, many users demand that PDF documents are signed only in the PDF/A format when the signature is to be equivalent to a handwritten signature. Commercially available PDF/A viewing products can be used to display such documents, and these products also allow the electronic signature to be interpreted.
Status quo of the electronic signature
Electronic signatures have become well established. Whereas years ago they were a “secret technology” whose existence and functions were known to only a few people, today you can assume that a well-developed infrastructure exists in every EU member state and in many other countries. Several years ago, when a speaker at a presentation on electronic signatures asked the attendees whether any of them used signatures, he was met with confused looks and presented his own signature to the attendees as something special. Today, however, authorities, companies and even private individuals use electronic signatures to secure their documents or e-mails.
Particularly important uses of electronic signatures are in businesses within the area of the value added tax law that is specially adjusted for this, for release processes, for securing quality documents and for applications to authorities. In the official environment, electronic signatures are used, for example, when creating legally effective notices (a substitution for paper hard-copy documents), in administrative procedures and when digitalizing paper hard-copy documents (verifying that the original document matches the electronic version). The judiciary uses electronic signatures, for example, to secure communication between lawyers, solicitors and courts. Private individuals use electronic signatures for tax returns or to secure e-mail correspondence (to positively authenticate the sender and to protect the e-mail message from any unseen manipulation).
The infrastructure required for electronic signatures is expected to be developed further in the next few years. Many countries have initiatives to develop identification documents that contain a signature function (for example, citizen cards, identity cards, service cards and insurance cards) where such documents are not already in place (as they are, for example, in Belgium, France, Estonia and Austria).
The use of, and the demand for, electronic signatures was enabled by changes to the basic legal conditions that already existed (formal requirements). Germany, for example, has had a signature law since 1997. However, electronic signatures were only used to a significant extent after regulations on their use came into effect for the public sector, the private sector and the judiciary. In particular, the demand for qualified electronic signatures for electronic invoicing led to a veritable innovation drive in Germany and, for example, produced more highly developed software products and simplified application procedures for smart cards. Currently, we can observe similar tendencies in many areas of the private sector and in the health sector. The private user will probably be open to the electronic signature only under slight pressure (if no alternative is available), or if relevant applications are available that offer them an advantage.
The use of electronic signatures therefore no longer poses a big challenge at a national level. But how are electronic signatures accepted across the borders of individual member states of the EU? For this, we must consider the general basic legal conditions.
Basic legal principles for signatures
The EU directive 1999/93/EC of December 13, 1999 on a Community framework for electronic signatures is the basic principle for using electronic signatures in the EU. This directive defines the forms of the electronic signature, provides regulations for market access for certification service providers, provides regulations regarding the legal effect of electronic signatures and provides liability and acceptance provisions. Every member state of the EU had to adopt this directive as part of their national law and this means that, today, all of the member states have comparable regulations.
The directive distinguishes between the following areas:
- the electronic signature (simple electronic signature)
- the advanced electronic signature and
- the advanced electronic signature based on a qualified certificate and created using a secure-signature-creation device (in simpler terms: qualified electronic signature)
The electronic signature consists of data in electronic form, which are attached to or logically linked with other electronic data and which serve as a method for authentication. From this, we can infer that a scan of the hand-written signature in a Word document or naming the author at the end of an e-mail already corresponds to an electronic signature.
The advanced electronic signature is an electronic signature that fulfills the following requirements:
- it is assigned exclusively to the signatory;
- it is capable of identifying the signatory;
- it is created using means that the signatory can maintain under his sole control;
- it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable.
As a result, once an electronic document is linked with a signature in this way, the file can no longer be changed without this being noticed (integrity). In addition, authenticity is ensured because the signatory can be uniquely identified. However, the advanced electronic signature is defined in a completely technology-neutral way, which ultimately means that any technology that complies with the requirements of the EU directive may be used.
Only the qualified electronic signature requires a (qualified) certificate and a secure-signature-creation device. This presupposes a public key infrastructure, particularly because the infrastructure for this segment is also defined in the supplementary provisions of the directive. In many countries, the qualified signature is the electronic equivalent of the handwritten signature and carries the same legal consequences. The requirements in this case (for example, for the secure-signature-creation device) are therefore particularly stringent. The secure-signature-creation device protects the private signature key in particular.
Many EU member states adopted the specifications of the EU directive almost verbatim. The differences between individual countries lie in the requirements for signature software products for qualified signatures: some countries demand products that are certified or carry a manufacturer’s declaration, while other countries define requirements for these products but do not require any concrete proof of conformity before or during circulation. Simple and advanced electronic signatures are not regulated at all.
The question now arises of what is actually valid for document exchange across national borders. There are basic regulations for this issue for the qualified electronic signature. In this case, the home state regulation prevails. This means that the qualified signature that conforms to the requirements for a qualified electronic signature in the home state must be recognized as such in the host state. The probative value that this signed file is granted depends on the relevant regulations of the host state.
This becomes complex when different forms of signature (advanced and qualified) and, where applicable, different underlying cryptographic algorithms are combined. I want to use the example of electronic invoicing in Germany and Austria to go into further detail in the next chapter, since we can draw upon many years of intensive practical experience here.
Using the signature for electronic invoicing, with Germany and Austria as examples
The basic principle for electronic invoicing is also an EU directive. This is the Council Directive 2001/115/EC of 20 December 2001 amending Directive 77/388/EEC with a view to simplifying, modernizing and harmonizing the conditions laid down for invoicing in respect of value added tax. This directive provided the first standardized regulations for the EU member states regarding the conditions for an invoice and for an electronic invoice. This EU directive led to the requirement for an advanced signature or qualified signature for electronic invoices. The member states can therefore choose which signature form they want to stipulate in their national legislation. In any case, the aim is to uniquely identify the author and to check the integrity of the file.
Germany opted for the qualified signature and Austria opted for the advanced signature. There are advantages and disadvantages to both sides of this. We want to go into further detail about these advantages and disadvantages.
For everyone in charge of invoicing, it is clear that introducing electronic invoicing poses a challenge even without the topic of the “electronic signature”. Among other activities, you must establish the communication infrastructure, add the required delivery information to the master data, obtain declarations of consent, clarify questions about the format of the invoices with the invoice recipient and establish archiving procedures. The relevant procedure documentation must, of course, also be taken into account.
It is evident that the use of the PDF format has led to a very high acceptance level for invoice issuers and for invoice recipients. Both in Germany and in Austria, the majority of invoices that are sent are PDF documents. PDF/A files are becoming increasingly important in this area, even with regard to the legal duty to retain records.
A reason to choose the PDF format is a fast project realization, since you can create PDF files quickly and you can assume that the recipient has a program that can interpret PDF files. Among other things, an existing infrastructure that is used to extract contents data from paper documents can also be used for the incoming electronic files. This opens up the potential for the recipient to make savings by omitting the scanning process. Virtually all tax authorities stipulate that invoice recipients must keep the incoming electronic documents in their original condition in order to perform a document check on the original document.
In light of this, we will now examine the topic of the “electronic signature”. The invoice issuer must create the electronic signature as the last process step. The recipient must check the integrity and authenticity of this before processing the invoice any further and must then archive the result of this check along with the original file.
The fact that a qualified signature is required for invoices in Germany means that an individual from the company must use a secure-signature-creation device (smart card) to request a qualified certificate and must then use this to sign invoices in the company. Since, in terms of legal consequences, the qualified signature is regarded as equivalent to the handwritten signature, specific basic conditions apply when creating signatures. The signature process must therefore be under the sole control of the holder of the smart card in a protected operational environment. The signature process can only be started through manual interaction (specifying a time frame and/or a maximum number of signatures, entering a PIN and so on). In addition, special smart cards can be used to create mass signatures.
The recipient of a signed German invoice must check not only the authenticity and integrity but also whether a qualified certificate was used. Otherwise, the recipient cannot claim any input tax based on this document. In practice, organizational and technical measures have been established that ensure a proper realization of the entire process. However, a certain amount of consulting and service is required before you can create or check a signature.
The situation is slightly different in Austria. In Austria, the advanced electronic signature is a minimum requirement. No type of regulation exists. The processes of realizing and operating signature projects within invoicing are considerably quicker and require little effort. Certification service providers can request and issue certificates within a day.
The challenge moves from the invoice issuer to the invoice recipient, because the recipient is faced with a variety of signature exchange formats and certificates. Invoice recipients may receive certificate-based signed e-mails, certificate-based signed files and “biometrically” signed files. In the certificate-based area, elliptic curves may occur in addition to the RSA algorithm. Some signature formats are proprietary and can therefore only be checked using the software products that were used during the creation process. This may not be the only issue. In some cases, the invoice recipient does not have all of the information required to perform a complete check of the signature of an electronic invoice. As described at the beginning of the presentation, a complete signature check is made up of three levels. If information is missing, for example the information needed for an OCSP or CRL check, the second and third levels of the signature check cannot be completed by the recipient.
Therefore, the invoice recipient must become active in regulating the process. In many cases, a country publishes directives that state that the only files that can be accepted are those whose signature exchange formats can be submitted and whose cryptographic algorithms or certificates can be checked. Put simply, you often only accept items that you can check using your own signature-checking software.
In Austria, the market has become heavily self-regulated. It was a rocky start, but the PDF format, particularly the PDF/A variant, and the XML format have become established for invoices that have signatures. Providers of proprietary technologies are finding things more difficult because it is hard to get customers to see the added benefits.
If an invoice that must be signed is sent from Germany to Austria, it is relatively easy for the Austrian customer to check its integrity and authenticity. If an invoice is sent in the other direction (from Austria to Germany), the German customer faces the same challenges as an Austrian invoice recipient. In the end, the customer-supplier relationship determines which form of signature for an invoice is used. Usually, a customer-friendly solution has the best chance of being accepted.
More momentum for the electronic signature
The advantages and disadvantages mentioned above should not hide the fact that electronic invoicing in particular has greatly stimulated the electronic signature market across Europe. This means that, today, the advantages and potential applications of this technology are much more obvious than in the past. Users can now actively weigh the effort involved against the requirements for document security and the possible legal consequences. A cost-benefit analysis is becoming more important than the strict legal requirement for the highest quality level of electronic signature.
The principles that apply to the small area of electronic invoicing also apply to the entire signature market as follows: Where you want to introduce electronic files as verification across national borders, it is recommended that you use the qualified electronic signature. The EU requires that you distribute and check qualified signatures. As a result, this year, a directory service was set up for issuers of qualified certificates that are permitted in the EU.
In all other cases, where no qualified signature is required, you can use the simpler (and easier to implement) advanced electronic signature, as this already offers the important attributes of a signature. It is beneficial if the communicating parties agree on the relevant use.
Users increasingly perceive and accept PDF documents as the electronic equivalent of hard-copy paper documents. In this context, PDF/A documents play an important role and may develop into a killer application. Together, PDF/A documents and the signature have valuable attributes: on the one hand, they can be uniquely identified and, on the other hand, the use of the signature conveys confidence in the integrity and the authenticity of the document. For the signature technology to develop further in a positive way, an important aspect is easy access both to the document contents and to the option of checking the signature of signed PDF/A documents. In the past, acceptance was hindered when customers had to install an additional program to check signatures but that program could not display the document contents.
The current trends are promising. Many PDF/A converters now have gateways to programs that create signatures, and many PDF/A applications for checking and viewing have gateways to components for checking signatures. This means that there is nothing to stop further distribution of the technology. Sarbanes-Oxley, Basel II etc. are helping more companies to realize that electronic documents can be uniquely assigned to the author and that this can prevent misunderstandings, misinterpretations and identity abuse. You can only do this by using the signature. Therefore, we have made a promising start in the wide spectrum of use for this technology. PDF/A will contribute greatly to this in order to establish signatures as part of our daily life and across national borders.